Certificate
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EPCv7dFt8hZYC0-O11r8oyhpTxk.cer
File: EPCv7dFt8hZYC0-O11r8oyhpTxk.cer (raw, json)
Hash identifier: 8mECIpJwMVT9vLQ8daNOugX0NzmFkEVIhIk9HZvJI2g=
Subject key identifier: 10:F0:AF:ED:D1:6D:F2:16:58:0B:4F:8E:D7:5A:FC:A3:28:69:4F:19
Authority key identifier: A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
Certificate issuer: /CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Certificate serial: 2808
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
Manifest: rsync://rpkica.twnic.tw/rpki/TWNICCA/ROUNDROAD/EPCv7dFt8hZYC0-O11r8oyhpTxk.mft
caRepository: rsync://rpkica.twnic.tw/rpki/TWNICCA/ROUNDROAD/
Notify URL: https://rrdp.twnic.tw/rrdp/notify.xml
Certificate not before: Fri 01 Sep 2023 03:11:14 +0000
Certificate not after: Sat 31 Aug 2024 03:10:53 +0000
Subordinate resources: IP: 103.123.192.0/22
IP: 2403:a840::/32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10248 (0x2808)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDB290000/serialNumber=A23A7C63547118AAE497F03E13121C96AB34547E
Validity
Not Before: Sep 1 03:11:14 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=10F0AFEDD16DF216580B4F8ED75AFCA328694F19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e3:3f:bd:83:34:67:39:1d:ba:cd:58:c3:83:
45:c2:b0:15:b2:e7:eb:9e:77:fa:c5:b5:ac:d4:81:
e3:df:28:47:27:32:c5:44:c4:44:6a:17:8e:7a:c3:
2a:8d:f8:23:4a:8a:4b:2c:00:19:40:cb:78:c8:47:
48:9a:76:5e:71:cc:2a:4c:5b:f2:23:14:30:eb:51:
b3:2b:70:50:88:d0:88:c2:28:2c:15:d3:4a:71:2b:
67:e3:15:39:51:7f:ec:4a:5f:ef:75:eb:58:d1:9c:
0e:fa:bf:a2:aa:7a:95:ff:63:66:1e:56:7c:c4:b0:
11:ef:0d:d2:a6:a4:b5:81:78:1c:8c:7d:ee:9d:bc:
8a:f3:b9:5d:37:fa:a5:70:a2:54:d3:bb:fd:08:ae:
4f:17:4f:33:0b:b6:43:e0:9e:8d:e3:83:24:0b:f2:
3d:d5:dd:05:f4:ee:05:05:6f:07:b4:9c:8f:29:c1:
54:6b:96:d2:55:f0:61:9f:97:23:1b:05:ac:de:42:
de:d1:63:61:b6:37:92:24:77:7e:5c:66:7e:f9:b0:
35:0a:84:88:8a:97:18:fc:a6:f0:9c:6e:6c:10:36:
7d:75:f1:db:cb:28:cb:56:fa:b8:92:a8:84:e8:c4:
06:b7:cf:a4:4e:a1:af:c6:90:bb:0f:bf:e7:85:a4:
09:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:F0:AF:ED:D1:6D:F2:16:58:0B:4F:8E:D7:5A:FC:A3:28:69:4F:19
X509v3 Authority Key Identifier:
keyid:A2:3A:7C:63:54:71:18:AA:E4:97:F0:3E:13:12:1C:96:AB:34:54:7E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ROUNDROAD/
RPKI Manifest - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ROUNDROAD/EPCv7dFt8hZYC0-O11r8oyhpTxk.mft
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.192.0/22
IPv6:
2403:a840::/32
Signature Algorithm: sha256WithRSAEncryption
85:99:c2:36:f1:10:13:ed:a6:89:71:65:33:f5:d9:94:b4:22:
5f:80:c8:68:98:d1:7f:67:a1:f7:1f:0f:e2:46:38:4a:6c:7f:
bb:52:ef:08:e3:25:b6:7e:cd:6f:6f:6a:fa:30:f3:12:08:30:
71:ea:eb:ce:3c:82:3f:79:f1:02:95:20:80:45:01:88:55:dc:
76:8f:98:4e:9c:82:87:dd:4d:56:6b:25:ee:bc:33:49:85:e1:
67:e0:8b:83:c3:f4:1c:a1:d0:42:2a:2d:eb:2d:a5:15:f3:0b:
eb:5d:3e:1b:24:4d:93:27:7e:f2:59:20:91:24:e6:e2:69:73:
d0:13:a6:56:0d:fd:88:d0:1d:62:53:5a:de:dc:8d:86:10:61:
8a:52:36:70:ec:b9:2f:d8:f8:44:0d:87:38:b8:42:5b:6b:fe:
ca:99:f6:62:4d:0b:e3:3c:0e:f3:4f:ba:92:34:03:b8:31:de:
6e:77:35:63:8e:eb:50:e3:9a:32:bf:e6:87:bb:67:90:b3:c1:
26:74:0f:13:62:96:01:00:d6:36:47:a8:27:5a:2f:1b:a0:c9:
da:71:7d:f0:12:33:0c:00:0e:9d:f8:59:7d:f2:22:94:c7:f7:
dc:f8:c6:3e:e4:e1:ce:26:04:d5:a3:b4:15:59:74:c5:b6:14:
1e:a6:d1:e6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgICKAgwDQYJKoZIhvcNAQELBQAwSjEVMBMGA1UEAxMMQTkx
QkRCMjkwMDAwMTEwLwYDVQQFEyhBMjNBN0M2MzU0NzExOEFBRTQ5N0YwM0UxMzEy
MUM5NkFCMzQ1NDdFMB4XDTIzMDkwMTAzMTExNFoXDTI0MDgzMTAzMTA1M1owMzEx
MC8GA1UEAxMoMTBGMEFGRUREMTZERjIxNjU4MEI0RjhFRDc1QUZDQTMyODY5NEYx
OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM7jP72DNGc5HbrNWMOD
RcKwFbLn6553+sW1rNSB498oRycyxUTERGoXjnrDKo34I0qKSywAGUDLeMhHSJp2
XnHMKkxb8iMUMOtRsytwUIjQiMIoLBXTSnErZ+MVOVF/7Epf73XrWNGcDvq/oqp6
lf9jZh5WfMSwEe8N0qaktYF4HIx97p28ivO5XTf6pXCiVNO7/QiuTxdPMwu2Q+Ce
jeODJAvyPdXdBfTuBQVvB7ScjynBVGuW0lXwYZ+XIxsFrN5C3tFjYbY3kiR3flxm
fvmwNQqEiIqXGPym8JxubBA2fXXx28soy1b6uJKohOjEBrfPpE6hr8aQuw+/54Wk
CUMCAwEAAaOCAmUwggJhMB0GA1UdDgQWBBQQ8K/t0W3yFlgLT47XWvyjKGlPGTAf
BgNVHSMEGDAWgBSiOnxjVHEYquSX8D4TEhyWqzRUfjAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMFUGA1UdHwROMEwwSqBIoEaGRHJzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS9vanA4WTFSeEdLcmtsX0EtRXhJY2xxczBWSDQuY3Js
MH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmlj
Lm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYy
L29qcDhZMVJ4R0tya2xfQS1FeEljbHFzMFZINC5jZXIwDwYDVR0TAQH/BAUwAwEB
/zAOBgNVHQ8BAf8EBAMCAQYwgdwGCCsGAQUFBwELBIHPMIHMMDsGCCsGAQUFBzAF
hi9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUk9VTkRST0FE
LzBaBggrBgEFBQcwCoZOcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1JPVU5EUk9BRC9FUEN2N2RGdDhoWllDMC1PMTFyOG95aHBUeGsubWZ0MDEG
CCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1s
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ3vAMA0EAgACMAcDBQAkA6hA
MA0GCSqGSIb3DQEBCwUAA4IBAQCFmcI28RAT7aaJcWUz9dmUtCJfgMhomNF/Z6H3
Hw/iRjhKbH+7Uu8I4yW2fs1vb2r6MPMSCDBx6uvOPII/efEClSCARQGIVdx2j5hO
nIKH3U1WayXuvDNJheFn4IuDw/QcodBCKi3rLaUV8wvrXT4bJE2TJ37yWSCRJObi
aXPQE6ZWDf2I0B1iU1re3I2GEGGKUjZw7Lkv2PhEDYc4uEJba/7KmfZiTQvjPA7z
T7qSNAO4Md5udzVjjutQ45oyv+aHu2eQs8EmdA8TYpYBANY2R6gnWi8boMnacX3w
EjMMAA6d+Fl98iKUx/fc+MY+5OHOJgTVo7QVWXTFthQeptHm
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:06 2024 by rpki-client on console-ams.rpki-client.org